The problem

The threat of cyber attacks is increasing every day. Cyber attackers are moving faster and more effectively than ever before with the use of AI, and they’re consistently attacking the most vulnerable businesses—software businesses. 

Software used to be a simple supply chain, with fewer security tools, and an overall smaller ‘attack surface area’, making it relatively simple to identify vulnerabilities and find fixes. But today, software companies use a complex network of tools, making it virtually impossible to manually find which vulnerability you need to fix next—particularly as it takes attackers just three minutes to exploit a vulnerability. 

The number of common vulnerabilities and exposures (CVEs) is increasing exponentially, 220,000 in 2023 up from 6700 in 2015. Only 1%-10% of these are relevant, but current systems require teams to fix each vulnerability manually, meaning they are creating a flood of issues without a flood gate. Nor are team sizes increasing to meet this demand, leading to burnout.

The solution

Phoenix is revolutionising the cyber security market with a fix-first, Ai-powered application security posture management platform. They have built a vulnerability management platform that aggregates vulnerabilities from across various platforms from code to cloud, enriches these problems with business risk context, and accurately prioritises fixes based on this information.

Phoenix has developed a 4D quantitative risk formula to holistically evaluate vulnerabilities with live threat intelligence. Moreover, they’re bringing surface management and application security into one single view, bridging the gap between technical and non-technical staff. It allows security teams and CISOs to set risk-based targets that will then translate directly into actionable fixes for developers. 

In short—Phoenix delivers the most important fix to the right team in the right context, reducing burnout and alert fatigue.

Why we’re excited to invest

Edoardo Gentili, investor at Founders Factory, says: “Phoenix addresses a critical pain point in the cybersecurity landscape: the overwhelming volume of vulnerabilities facing modern businesses. Their 'Fix First AI ASPM platform' not only enhances security effectiveness, but also alleviates burnout prevalent among security teams. With vulnerabilities outpacing budget growth and cyberattacks becoming increasingly sophisticated, Phoenix's solution is timely and essential. We believe their innovative approach positions them to lead the next wave of AI-driven cybersecurity solutions, offering businesses a crucial tool in the ongoing battle against cyber threats.”